elastic-esql 0.2.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/elastic/esql.rb +41 -53
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f7837c640aa915808d6c720d4cd53bdcfe3210fbff0a5e9b900a0c0adcc3ed7a
|
|
4
|
+
data.tar.gz: 6f3cc673984d2968b098a36137a44780e279be68c3ec04d37737044e29cf1af5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90fbc7b576d768c0d2282d87e2ae0bcbd7c8f82ba19a910edfd084fa15cb5ef1b86423fe4eae5ddd07c0910ab0dcde4a6e67516147b54f5102a093c018d26237
|
|
7
|
+
data.tar.gz: a535a2fa6d19d8a5bb41ac4c70e27f66559699fe07073383ee7a3af295416d0df8a1f47e7a7ff0a1fbe20d0c6dbb315e6842e4fbf111351de2ee54d4bd774a56
|
data/lib/elastic/esql.rb
CHANGED
|
@@ -15,50 +15,44 @@
|
|
|
15
15
|
# specific language governing permissions and limitations
|
|
16
16
|
# under the License.
|
|
17
17
|
|
|
18
|
+
require_relative 'branch'
|
|
18
19
|
require_relative 'change_point'
|
|
19
20
|
require_relative 'custom'
|
|
20
21
|
require_relative 'dissect'
|
|
21
22
|
require_relative 'drop'
|
|
22
23
|
require_relative 'enrich'
|
|
23
24
|
require_relative 'eval'
|
|
25
|
+
require_relative 'functions'
|
|
26
|
+
require_relative 'fork'
|
|
27
|
+
require_relative 'fuse'
|
|
24
28
|
require_relative 'grok'
|
|
25
29
|
require_relative 'keep'
|
|
26
|
-
require_relative 'limit'
|
|
27
30
|
require_relative 'lookup_join'
|
|
28
31
|
require_relative 'metadata'
|
|
32
|
+
require_relative 'queryable'
|
|
29
33
|
require_relative 'rename'
|
|
30
34
|
require_relative 'row'
|
|
31
35
|
require_relative 'show'
|
|
32
|
-
require_relative '
|
|
33
|
-
require_relative '
|
|
36
|
+
require_relative 'stats'
|
|
37
|
+
require_relative 'ts'
|
|
38
|
+
require_relative 'util'
|
|
34
39
|
|
|
35
40
|
module Elastic
|
|
36
41
|
# @example
|
|
37
42
|
# Elastic::ESQL.from('sample_data').sort_descending('@timestamp').limit(3).to_s
|
|
38
43
|
# # => FROM 'sample_data' | SORT @timestamp desc | LIMIT 3
|
|
39
44
|
class ESQL
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
include
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
include Keep
|
|
47
|
-
include Limit
|
|
48
|
-
include LookupJoin
|
|
49
|
-
include Metadata
|
|
50
|
-
include Rename
|
|
51
|
-
include Row
|
|
52
|
-
include Show
|
|
53
|
-
include Sort
|
|
54
|
-
include Where
|
|
55
|
-
SOURCE_COMMANDS = [:from, :row, :show].freeze
|
|
45
|
+
[
|
|
46
|
+
ChangePoint, Custom, Dissect, Drop, Eval, Fork, Fuse, Grok, Keep, LookupJoin, Metadata,
|
|
47
|
+
Queryable, Rename, Row, Show, Stats, TS, Util
|
|
48
|
+
].each { |m| include m }
|
|
49
|
+
|
|
50
|
+
SOURCE_COMMANDS = [:from, :row, :show, :ts].freeze
|
|
56
51
|
|
|
57
52
|
def initialize
|
|
58
53
|
@query = {}
|
|
59
54
|
@custom = []
|
|
60
55
|
@metadata = []
|
|
61
|
-
@lookup_joins = []
|
|
62
56
|
end
|
|
63
57
|
|
|
64
58
|
# Function to build the ES|QL formatted query and return it as a String.
|
|
@@ -67,15 +61,14 @@ module Elastic
|
|
|
67
61
|
def query
|
|
68
62
|
raise ArgumentError, 'No source command found' unless source_command_present?
|
|
69
63
|
|
|
70
|
-
@query[:enrich] = @enriches.join('| ') if @enriches
|
|
64
|
+
@query[:enrich] = @enriches.map(&:to_query).join('| ') if @enriches
|
|
71
65
|
string_query = build_string_query
|
|
72
|
-
string_query.concat(build_lookup_joins) unless @lookup_joins.empty?
|
|
73
66
|
string_query.concat(" #{@custom.join(' ')}") unless @custom.empty?
|
|
74
67
|
string_query
|
|
75
68
|
end
|
|
76
69
|
|
|
77
|
-
# Creates a new Enrich object to chain with +on+ and +with+. If other
|
|
78
|
-
# Enrich object, it
|
|
70
|
+
# Creates a new Enrich object to chain with +on+ and +with+. If other method is chained to the
|
|
71
|
+
# Enrich object, it calls it upon the ESQL object that instantiated it, and returns it.
|
|
79
72
|
# @return [Elastic::Enrich]
|
|
80
73
|
def enrich(policy)
|
|
81
74
|
@enriches ||= []
|
|
@@ -109,6 +102,10 @@ module Elastic
|
|
|
109
102
|
new.row(*params)
|
|
110
103
|
end
|
|
111
104
|
|
|
105
|
+
def self.ts(*params)
|
|
106
|
+
new.ts(*params)
|
|
107
|
+
end
|
|
108
|
+
|
|
112
109
|
# Instance method to allow to update +from+ with +esql.from('different_source')+.
|
|
113
110
|
# @param [String] index_pattern A list of indices, data streams or aliases. Supports wildcards and date math.
|
|
114
111
|
def from(index_pattern)
|
|
@@ -122,6 +119,26 @@ module Elastic
|
|
|
122
119
|
query
|
|
123
120
|
end
|
|
124
121
|
|
|
122
|
+
# rubocop:disable Naming/MethodName, Naming/BinaryOperatorParameterName
|
|
123
|
+
def self.🐔(message)
|
|
124
|
+
"ROW CHICKEN(\"#{message}\")"
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
def 🐔(message)
|
|
128
|
+
self.class.🐔(message)
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
alias chicken 🐔
|
|
132
|
+
|
|
133
|
+
class << self
|
|
134
|
+
alias chicken 🐔
|
|
135
|
+
end
|
|
136
|
+
# rubocop:enable Naming/MethodName, Naming/BinaryOperatorParameterName
|
|
137
|
+
|
|
138
|
+
def self.branch
|
|
139
|
+
Branch.new
|
|
140
|
+
end
|
|
141
|
+
|
|
125
142
|
private
|
|
126
143
|
|
|
127
144
|
# Function for eval, row, and other functions that have one or more columns with values specified
|
|
@@ -152,34 +169,5 @@ module Elastic
|
|
|
152
169
|
|
|
153
170
|
false
|
|
154
171
|
end
|
|
155
|
-
|
|
156
|
-
# Helper method to return a copy of the object when functions are called without `!`, so the
|
|
157
|
-
# object is not mutated.
|
|
158
|
-
def method_copy(name, *params)
|
|
159
|
-
esql = clone
|
|
160
|
-
esql.instance_variable_set('@query', esql.instance_variable_get('@query').clone)
|
|
161
|
-
esql.send("#{name}!", *params)
|
|
162
|
-
esql
|
|
163
|
-
end
|
|
164
|
-
|
|
165
|
-
# Helper to build the LOOKUP JOIN part of the query.
|
|
166
|
-
def build_lookup_joins
|
|
167
|
-
joins = @lookup_joins.map { |a| a.map { |k, v| "LOOKUP JOIN #{k} ON #{v}" } }.flatten.join(' | ')
|
|
168
|
-
" | #{joins}"
|
|
169
|
-
end
|
|
170
|
-
|
|
171
|
-
# Helper to build the String for the simpler functions.
|
|
172
|
-
# These are of the form 'key.upcase value' like 'DROP value'
|
|
173
|
-
# If metadata has been set, it needs to be added to FROM. There's a possibility there'll be more
|
|
174
|
-
# special cases like this in the future, they can be added here.
|
|
175
|
-
def build_string_query
|
|
176
|
-
@query.map do |k, v|
|
|
177
|
-
if k == :from && !@metadata.empty?
|
|
178
|
-
"#{k.upcase} #{v} METADATA #{@metadata.join(', ')}"
|
|
179
|
-
else
|
|
180
|
-
"#{k.upcase} #{v}"
|
|
181
|
-
end
|
|
182
|
-
end.join(' | ')
|
|
183
|
-
end
|
|
184
172
|
end
|
|
185
173
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: elastic-esql
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Fernando Briano
|
|
@@ -104,7 +104,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
104
|
- !ruby/object:Gem::Version
|
|
105
105
|
version: '0'
|
|
106
106
|
requirements: []
|
|
107
|
-
rubygems_version:
|
|
107
|
+
rubygems_version: 4.0.3
|
|
108
108
|
specification_version: 4
|
|
109
109
|
summary: Elastic ES|QL Query builder
|
|
110
110
|
test_files: []
|